# # # patch "ChangeLog" # from [de37bf6fe446f68e48368427efbe4881ebb5afc0] # to [95bce1b8a852edcb8934c84e0172b66961308444] # # patch "netsync.cc" # from [8c4cbdeb2898f87f5f74457e7148a4cc0afde674] # to [4762b64c8b2098ee894c3798934fdcdfc4c80bdd] # # patch "paths.cc" # from [227025632497d6849fc4946feeded4d7980f7008] # to [f5e27ba6d46c0f26db552d0e1a78641bc4083cff] # # patch "tests/t_netsync_permissions.at" # from [a02747cf46bece412d85d63694356704a482c8ff] # to [9a8356b76404d50e044f74e5f59d6e055ad64d1e] # ============================================================ --- ChangeLog de37bf6fe446f68e48368427efbe4881ebb5afc0 +++ ChangeLog 95bce1b8a852edcb8934c84e0172b66961308444 @@ -1,3 +1,12 @@ +2006-02-10 Derek Scherger + + * netsync.cc (process_anonymous_cmd, process_auth_cmd): don't + report misleading permission denied errors for branches that are + not being served + * paths.cc (find_and_go_to_workspace): delete stale comment + * tests/t_netsync_permissions.at: add test pull of branch that is + not served + 2006-02-10 Richard Levitte * monotone.texi (Hooks): Change the example for ============================================================ --- netsync.cc 8c4cbdeb2898f87f5f74457e7148a4cc0afde674 +++ netsync.cc 4762b64c8b2098ee894c3798934fdcdfc4c80bdd @@ -1318,13 +1318,18 @@ i != branchnames.end(); i++) { if (their_matcher(*i)) - if (our_matcher(*i) && app.lua.hook_get_netsync_read_permitted(*i)) - ok_branches.insert(utf8(*i)); - else + if (!our_matcher(*i)) { + error((F("not serving branch '%s'") % *i).str()); + return true; + } + else if (!app.lua.hook_get_netsync_read_permitted(*i)) + { error((F("anonymous access to branch '%s' denied by server") % *i).str()); return true; } + else + ok_branches.insert(utf8(*i)); } P(F("allowed anonymous read permission for '%s' excluding '%s'\n") @@ -1410,15 +1415,22 @@ { if (their_matcher(*i)) { - if (our_matcher(*i) && app.lua.hook_get_netsync_read_permitted(*i, their_id)) - ok_branches.insert(utf8(*i)); - else + if (!our_matcher(*i)) { + error((F("not serving branch '%s'") % *i).str()); + return true; + + } + else if (!app.lua.hook_get_netsync_read_permitted(*i, their_id)) + { W(F("denied '%s' read permission for '%s' excluding '%s' because of branch '%s'\n") % their_id % their_include_pattern % their_exclude_pattern % *i); + error((F("access to branch '%s' denied by server") % *i).str()); return true; } + else + ok_branches.insert(utf8(*i)); } } ============================================================ --- paths.cc 227025632497d6849fc4946feeded4d7980f7008 +++ paths.cc f5e27ba6d46c0f26db552d0e1a78641bc4083cff @@ -473,7 +473,6 @@ bool find_and_go_to_workspace(system_path const & search_root) { - // unimplemented fs::path root(search_root.as_external(), fs::native); fs::path bookdir(bookkeeping_root.as_external(), fs::native); fs::path current(fs::initial_path()); ============================================================ --- tests/t_netsync_permissions.at a02747cf46bece412d85d63694356704a482c8ff +++ tests/t_netsync_permissions.at 9a8356b76404d50e044f74e5f59d6e055ad64d1e @@ -21,6 +21,10 @@ * ]) +ADD_FILE(badfile, [badfile +]) +AT_CHECK(MONOTONE --branch=badbranch commit --message badfile, [], [ignore], [ignore]) + AT_CHECK(cp test.db clean.db) AT_CHECK(cp -r keys/ clean_keys) @@ -133,6 +137,13 @@ NETSYNC_CLIENT_RUN(pull, testbranch) AT_CHECK(MONOTONE2 automate get_revision $BASE, [0], [stdout], [stderr]) +# pull with bad branch fails + +AT_CHECK(cp clean.db test2.db) +AT_CHECK(rm -r keys2 && cp -r clean_keys/ keys2) +NETSYNC_CLIENT_RUN(pull, badbranch, 1) +AT_CHECK(MONOTONE2 automate get_revision $BASE, [1], [stdout], [stderr]) + # pull with other key fails AT_CHECK(cp clean.db test2.db)